Solved

Windows Firewall Ports on Exchange 2007 CAS/HUB/MAILBOX Server

Posted on 2008-10-24
6
3,050 Views
Last Modified: 2012-05-05
I recently turned on Windows Firewall on a Windows Server 2003 SP2 that has Exchange 2007 SP1 CAS/HUB/MAILBOX roles configured and email stopped coming in. I was wondering what ports I need to open to allow internal users to connect using Outlook 2003 and 2007. I tried to open port 25 & 443 but it still didn't work.
0
Comment
Question by:katredrum
6 Comments
 
LVL 8

Expert Comment

by:DenverRick
ID: 22799344
It will depend on where the Domain info is coming from, is this box a DC?
0
 
LVL 1

Author Comment

by:katredrum
ID: 22799851
No, it is only a member server.
0
 
LVL 5

Accepted Solution

by:
Probity earned 500 total points
ID: 22801876
25 - smtp
110 - pop3
143 - imap4
80 - http
443 - https

Those are necessary... however, if you have local users connecting to the box, they will be using MAPI which uses many ports (random) to connect to the server -- unless you're having your users use RPC over HTTPS in-house or POP/IMAP - you will need to disable to firewall.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:katredrum
ID: 22815749
Probity, thank you for your response. I do have users connecting via Outlook from inside the network so I will need to disable the firewall. Is it common practice to disable Windows Firewall on servers in general?
I had all my servers configured this way (without firewall on) but with some users on the network being infected with spyware, adware, and virus' I wanted to try and prevent the server from being infected on ports that doesn't have to be open.
0
 
LVL 1

Author Closing Comment

by:katredrum
ID: 31511014
Did a little more researching and found that no one really put the Windows Firewall on Exchange Server if they have a corporate firewall. I think it is kind of stupid that Microsoft isn't able to program their software to be protected using their own firewall.
0
 
LVL 1

Expert Comment

by:Nelesh_N
ID: 24410612
Sorry just to pick up on this. I'm having issues with dsl users coming into the network. If the maibox resides on the one cluster it works fine, if connecting to the other cluster it drops on ports 2141 and 2112. Are these the dynamic ports that exchange use to connect to Outlook?
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question